.Net and the falacy of security

.Net purports to be a secure platform, but when I create a .Net setup package and used a custom action I found that I could not run the setup package on a network.

I have a VB.Net installer. The installer program I created
(System.Configuration.Install) handles the various events
like MyBase.AfterUninstall, etc. This program works fine
but when I run the installer on a network resource (a UNC
path) it generates a System.Security.Security exception
before the program even starts. The .MSI installer kicks
off just fine, but throws the exception just when the .EXE
program starts.

The installer works fine if the UNC drive is mapped, or if a
local drive. Any idea on what may be happening?

The solution may surprise you. It surprised me! The setup package created in VS.Net has to be given permissions to execute from a UNC path, but not from a mapped drive! My users would never go for having to do that. They want to click a link in the email I send or on a web page and have the installer run. Fortunately, there is an easy work around, but it shows just how crummy the .Net security is.

Here’s the trick: Create a batch file named setup.bat that gives the user all the permissions the setup package needs to run on the network. Here’s the contents of the batch file used to set security on .Net 1.1: